-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix incorrect implementation of auditlog managment #9002
Conversation
26c25a3
to
2db53d0
Compare
|
||
**Breaking Change** | ||
|
||
Parameter `enable_auditlog` is not possible to set through System settings anymore. If you set this parameter or you need to set it to `False` (to disable audit logging), set environmental variable `DD_ENABLE_AUDITLOG` to `False`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Another env var should be added to the docker-compose.yml
file in all the containers ran by the django image. This should do the trick
DD_ENABLE_AUDITLOG: ${DD_ENABLE_AUDITLOG:-False}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Maffooch, is this text which I should add to the mentioned file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Correct. Somewhere in the environment
blocks for the uwsgi, celerybeat, celeryworker, and init
containers
django-DefectDojo/docker-compose.yml
Line 50 in 19c4e74
environment: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
e0dffca
to
5468487
Compare
Conflicts have been resolved. A maintainer will review the pull request shortly. |
Contextual Security AnalysisAs DryRun Security performs checks, we’ll summarize them here. You can always dive into the results in the section below for checks.
Chat with your AI-powered Security Buddy by typing Install and configure more repositories at DryRun Security |
7ec383d
to
e0d4e3f
Compare
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
e0d4e3f
to
33a7d60
Compare
Conflicts have been resolved. A maintainer will review the pull request shortly. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved
During troubleshooting of unittests in #8824, I found out that settings
auditlog
viaSystem_Settings
is not behaving correctly.It is not possible to enable/disable auditlog dynamically in one of the running containers because it will have only a "local" effect.
Enabling/disabling have to be set before start (e.g. by environmental variable).